Changing the port number that your SSH server listens on is a simple way to prevent random brute force login attacks against your server. While people can still perform attacks against SSH running on a different port number, most automated tools will default to port 22, and not actually do a full port scan.
Any port number can be used, as long as it is not already in use by another service.
Note: Make sure you are logged in as a user with root privledges when running these commands.
Open the /etc/ssh/sshd_config file in your favorite editor.
# vi /etc/ssh/sshd_config
Look for the following line (it may be commented out, as port 22 is the default):
Port 22
or
#Port 22
Edit this line to reflect the port number you wish to listen on. Un-comment it if it was commented out:
Port 22843
This will set up the SSH server to listen on port 22843.
Save the file and exit the editor.
Restart the SSH daemon:
Ubuntu:
$ sudo service ssh restart
CentOS:
# service sshd restart
FreeBSD:
# service sshd restart
Confirm that it is listening on the new port number by issuing the following command:
netstat -an | grep LISTEN
Make sure that next time you connect, you specify the new port number.
